In our interactions with clients and prospects we have increasingly seen a need amongst corporate compliance as well as forensic and security professionals, for supervisory and monitoring capabilities in their environment. The primary objective being to proactively identify non-compliance with corporate policies, insider threats and potentially fraudulent or other nefarious activity.
So why would an eDiscovery provider be interested in this?
Well, most of these issues usually result in some form of investigation or litigation; this is where we, as eDiscovery professionals, get involved. Unfortunately, this is usually done retrospectively and sometime after the event has passed, making it harder to identify the relevant facts as the trail of evidence becomes longer, more aged and sometimes obfuscated or removed. The eDiscovery exercise then becomes protracted, expensive and with a reduced guarantee of success.
Wouldn’t it be better if corporate compliance, forensic and security professionals had a toolset that would allow them to proactively monitor user communications and activity in their environment? A toolset that would give them ‘early warning’ signals of non-complaint behaviour across the user base and allow them to act? And where deemed necessary, the signals that warrant further investigation can then be escalated into an eDiscovery case for a more robust review and analysis.
Proactive use of Cognitive Analytics
Recent developments in the Artificial Intelligence (AI) features found in some leading eDiscovery platforms give these platforms the ability to be used more proactively in a supervisory context. I am not talking about Technology-Assisted Review (TAR) or Continuous Active Learning (CAL) but rather what we like to term Cognitive Analytics.
Cognitive Analytics are primarily performed on semi-structured (email, messaging) and unstructured data (documents) which typically constitute in excess of 70% of an organisation’s electronic information estate. The semi-structured and unstructured data can be combined, using industry standard connectors and APIs, into a central location for cognitive processing and analysis.
An example of this is Sentiment Analysis, which can help identify classic fraud triangle indicators such as pressure, opportunity and rationalisation or positive and negative emotions in language. When used in conjunction with a Graphing Database it is possible to identify emotions in the communications between people and other related entities. Named Entity Recognition (NER) can identify and extract organisations, people, places, or other entities that may be of interest (e.g. medical terms or names of law firms) so they can be used in further analysis to identify clusters of potentially responsive content and trends. Natural Language Processing (NLP) can be used to identify topics and summary phrases in text and, most importantly, how otherwise innocent expressions and topics may take on a new and more ‘interesting’ meaning when their interrelationships are surfaced.. For example, identifying the prevalence of the term ‘minister’, when regularly located near the term ‘allegations’ along with the summary phrase ‘procurement of defective batteries’ in the communications between a group of employees, would warrant deeper investigation than any of those stand-alone expressions.
Combining Leading Indicators
The real value that can be realised using Cognitive Analytics is when sentiment, extracted entities and NLP are combined, along with other metadata, such as classifiers from Machine Learned Models. Machine Learned Models can be trained against organisational data to identify certain behavioural activity (e.g. harassment, bullying, kickbacks) or construct, as well as being able to classify document types or characteristics, based on the content (e.g. contracts, fee discussions or privileged information). Once built, models can be retained and applied to new data sets from a new or related allegation, so the training effort is not lost.
As the models are continuously being refined through training and learning against more relevant data sets, non-compliant behaviour is identified earlier with far more accuracy.
Discovery Risk Mitigation
The integration of Cognitive Analytics into an organisation’s monitoring and supervisory programme (perhaps driven by indicators operating at scale from such technologies as Microsoft Insider Risk in Microsoft 365) can enable compliance, forensic and security professionals to be more pre-emptive in identifying non-complaint behaviour. When considered as part of a broader Discovery Risk Mitigation strategy, these ‘early warning’ supervisory activities can reduce risk, allow for a more accurate and rapid response, and reduce the investigation and litigation burden to an organisation.
If you would like to find out more about how Salient Discovery can assist you with supervision and Cognitive Analytics purposes, contact us here.